GDOCUPLOAD

Description

This family of malware is a utility designed to upload files to Google Docs. Nearly all communications are with docs.google.com are SSL encrypted. The malware does not use Google’s published API to interact with their services. The malware does not currently work with Google Docs. It does not detect HTTP 302 redirections and will get caught in an infinite loop attempting to parse results from Google that are not present.

Names

Name
GDOCUPLOAD

Type

Exfiltration

Information

http://contagiodump.blogspot.com/2013/03/mandiant-apt1-samples-categorized-by.html

Other Information

Uuid

c257ce2d-344b-4323-b0b8-affa59a934bb

Last Card Change

2020-04-20

Threat Intelligence Garden

Explorer

GDOCUPLOAD

GDOCUPLOAD

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks